Home
- Gegevens
- Geschreven door: gbonny
- Hits: 1519
Archiving
Matomo 4 recommends using cron for archiving purposes. First you need to disable in system - general "browser archiving".
Then we can create a new cron job:
sudo vim /etc/cron.d/matomo-archive
Insert and modify where needed:
MAILTO="Dit e-mailadres wordt beveiligd tegen spambots. JavaScript dient ingeschakeld te zijn om het te bekijken. "
5 * * * * www-data /usr/bin/php /var/www/html/matomo/console core:archive --url=http://example.com/matomo/ > /var/log/matomo-archive.log
You can test and verify the outcome:
sudo su www-data -s /bin/bash -c "/usr/bin/php /var/www/html/matomo/console core:archive --url=http://example.com/matomo/"
File permissions
Sometimes in system check you get errors like:
Try #: LOAD DATA INFILE : SQLSTATE[28000]: Invalid authorization specification: 1045 Access denied for user ‘matomo’@’%’ (using password: YES)[28000]
Try #: LOAD DATA INFILE : SQLSTATE[HY000]: General error: 13 Can't get stat of '/var/www/html/matomo/tmp/assets/matomo_option-d600bef9d230d99e92a7ce3b9541b49c.csv' (OS errno 13 - Permission denied),
Try #: LOAD DATA LOCAL INFILE : SQLSTATE[42000]: Syntax error or access violation: 3948 Loading local data is disabled; this must be enabled on both the client and server sides[42000]
To fix this you need to take the following steps:
First you need to add the global FILE permission to your matomo user
$ mysql> GRANT FILE ON *.* TO 'matomo'@'localhost';
Then you need to edit:
sudo vim /etc/mysql/conf.d/mysql.cnf
# add
[mysql]
local-infile = 1
[mysqld]
local-infile = 1
# restart service
sudo service mysql restart
That should be it.
- Gegevens
- Geschreven door: gbonny
- Hits: 1057
Since Joomla version 3.10 it is recommended to turn output_buffering off in php.ini
This can be done easily by editing:
sudo vim /etc/php/7.4/apache2/php.ini
# add/modify
output_buffering = off
# restart service
sudo service apache2 restart
Check your PHP version, in this example it's 7.4. Thats it!
- Gegevens
- Geschreven door: gbonny
- Hits: 4427
In a previous article was described how to install Fail2Ban. Now on a regular basis you'll need to reboot your operating system to finish installing (security) updates. Without extra measures previously banned IP addresses are being lost. To make a ban permanent you'll need to create a new file:
sudo touch /etc/fail2ban/ip.blacklist
Edit the file /etc/fail2ban/action.d/iptables-multiport.conf and search for actionban and add the second line:
actionban = iptables -I fail2ban-<name> 1 -s <ip> -j DROP
echo <ip> >> /etc/fail2ban/ip.blacklist
Now search for actionstart and add the fourth line:
actionstart = iptables -N fail2ban-<name>
iptables -A fail2ban-<name> -j RETURN
iptables -I INPUT -p <protocol> -m multiport --dports <port> -j fail2ban-<name>
cat /etc/fail2ban/ip.blacklist | sort | uniq | while read IP; do iptables -I fail2ban-<name> 1 -s $IP -j DROP; done
Restart your service: sudo service fail2ban restart
Now you'll notice that IP's are being banned, and the ip.blacklist is getting filled with these IP addresses as well. When Fail2Ban service is restarted or your your system is restarted it will import all the IP's listed in the ip.blacklist.
- Gegevens
- Geschreven door: gbonny
- Hits: 4188
In a previous article was the installation of Fail2Ban described. You'll notice after a few days Fail2Ban stops working. This happens right after logrotation, so it seems. To fix this you'll need to edit /etc/fail2ban/jail.local and change the following line:#polling = auto
polling = backend